Data Breach at Northeast Ohio Neighborhood Health Involves United Healthcare, Optum, and Change Healthcare
You know our good mate, Marco A. De Felice, right? The chap that runs that cracking blog, SuspectFile? Well, he’s been knee-deep in the action again lately, nipping at the heels of cyber rouges and shaking the trees to see what falls out, metaphorically speaking.
He’s recently been putting the spotlight on that group of virtual miscreants known as Medusa. Our friend Marco reports that these digital ruffians wreaked havoc on Northeast Ohio Neighborhood Health services (NEON) not too long ago.
You might’ve heard that Medusa got their grubby fingers on a truckload of data. They snaffled almost 51 gigabytes of the precious info, and before you could say ‘blimey’, they’d tossed it all up on their website for the world to see. Loads of it was personal stuff, like health records and contract details for patients associated with United Healthcare Group. Quite the brouhaha!
Our techy Sherlock, Marco, gave some of the documents the once-over and found that they included insider info about deals NEON had cooked up with various health insurance companies and service providers. He discovered everything from financial reports to banking documents hidden amongst the spoils nabbed by our cyber baddies.
This caper kicked off earlier last month, on the 15th of April. Medusa wormed its way into NEON’s computing systems and nabbed the data. The scoundrels not only published it but also tried to hold NEON to ransom, demanding a whopping $250,000 for file deletion. The same amount was set for their sale! Poor NEON was left dangling, a little over two days before their data owed to be sold or made public.
You might be wondering, what’s the current situation with this blooming mess? Are NEON’s employee’s shaking in their boots, waiting for their personal info to be broadcast? Well, so far, there’s a bit of a stalemate. Medusa threatened to unload all of the data on or after 26th of April, but as of yet, no data dump has popped up anywhere.
NEON’s website isn’t setting off any alarms which is a touch curious given the hefty data snatched included some rather sensitive health info. It’s been a good while now, and we’ve not heard a peep from them. I did ask myself if they’d apprised their patients about the attack. No answer yet, though.
This situation’s a bit of a live wire -wire. I’ll be sure to keep my ear to the ground for any shakes or rumblings. Don’t forget to check in with our buddy Marco on SuspectFile as I’m sure his next update will be as speedy as it is insightful. Until then, stay safe in that wild world of cyberspace, folks!
by Parker Bytes